Mybloggie@2.1.6 Security Vulnerabilities and Issues — Mybloggie@2.1.6 CVE List

Lucene search

MyweblandMybloggie2.1.6

3 matches found

CVE•added 2008/07/09 12:41 a.m.•39 views

CVE-2008-3080

Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899.

5.1CVSS7.6AI score0.00189EPSS

CVE•added 2008/07/09 12:41 a.m.•36 views

CVE-2007-1899

Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a viewuser action to index.php, and allow remote authenticated administrators to execute arbitrary SQL commands via (2) the post_id parameter...

5.1CVSS8AI score0.00189EPSS

CVE•added 2008/07/09 12:41 a.m.•27 views

CVE-2007-3650

myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached through index.php; (2) a direct request to common.php; and (3) a mode array parameter in the query string to login.php, which reveal the installation path in v...

5.3CVSS6.2AI score0.00254EPSS